APPARATUS AND METHOD FOR AN
AUTHENTICATED ELECTRONIC USERID 

FIELD OF THE INVENTION 

The present invention relates to electronic user
identification, and more specifically, to an apparatus and 
method for an authenticated electronic userid. 

BACKGROUND OF THE INVENTION 

Electronic mail, or "e-mail" has become one of the most 
popular forms of point-to-point communication for people
with access to the Internet. An e-mail system typically 
comprises a database server, a local area network (LAN) 
and/or a modem bank, and an internet gateway. A user, who 
communicates with others via e-mail is typically given a 
user identification, or "userid" that permanently and 
uniquely identifies that user with the database server. The 
server typically has its own identity too, for example, the 
server is sometimes referred to as a host and the identity is 
called a "host name", or in some circles, a "domain name." 
When a user desires to check their e-mail, the user logs onto 
the e-mail system and e-mail messages are displayed on a 
terminal device or personal computer. A great advantage of 
e-mail over traditional mail, which accounts, in part, for its 
surge in popularity, is that messages can be delivered 
significantly faster, messages can be easily distributed to 
significantly more recipients, and it is, generally, less expen- 
sive for the user than regular mail, or "snail mail." 

However, the very properties which make e-mail so 
appealing over snail mail to a regular user can also create 
annoyances. The low cost, the ability for wide distribution 
and speed of e-mail make it particularly attractive to
unsolicited bulk e-mail advertisers. Unsolicited bulk e-mail
("UBE") has fast become the advertising medium of choice 
for startup and sham companies looking to quickly and 
cheaply advertise their wares to a large audience. Frequently, 
such companies employ an application called a robot that 
searches electronic databases on the Internet (e.g., Yahoo, 
Lycos, AltaVista, etc.) for certain keywords that identify the 
demographics of a target market. From the database "hits", 
a list of uniform resource locators ("URLs") for both
websites and bulletin boards is compiled. The robot then
methodically loads and scans the hypertext markup language
source ("html") or ASCII text pages identified by the URLs
and harvests e-mail addresses. The e-mail addresses are then
added into a distribution list to which e-mail advertisements,
or UBE messages, are spooled out.

The ease with which e-mail addresses can be harvested 
not only from the various Internet search engines, but also 
from the "to:", "from:" and "cc:" fields in e-mail
messages (e.g., a joke circulating the internet could have been
forwarded to hundreds of unique e-mail addresses) and 
newsgroups has caused a proliferation of UBE. Eventually, 
these messages litter the e-mail of a user's "inbox" and the 
user must sift and sort the junk messages from the important 
messages. 

Another problem associated with the traditional e-mail 
address paradigm is that a user may only wish to commu- 
nicate once, or on a per-reply basis with another user. 

organization and personal communications, a single address 
is desired, in other scenarios, a restricted use e-mail address 
is desired. For example, an individual may only desire a 
single or temporary communication with a particular user, 
rather than giving the particular user a permanent e-mail 
address. 

Known examples of filtering UBE messages and other
non-trusted communications include querying incoming 
messages for certain unwanted sender addresses (e.g., the 
sender's e-mail address) and/or contextual keywords or
phrases in the message body. For example, see U.S. Pat. No.
5,619,648, invented by Canale et al., which discloses such a
system. Similarly, e-mail messages from known UBE sender 
domain names can be explicitly blocked. 

However, a problem with query and filter techniques is
that the e-mail addresses must often be explicitly defined
each time a new bulk mailer sends UBE. Further still, a
domain name (as well as the e-mail address) is easily
manipulated or "spoofed" by the originating bulk mailer. For
example, the America On-Line "AOL" service domain name
is often mimicked because many e-mail users will not block
mail from the "aol.com" host because they know many
people who subscribe to the AOL service. Furthermore,
contextual query and filter techniques are prone to error and
are difficult, if not impossible, to set up correctly. Certainly,
legitimate and potentially important messages will slip
through the cracks with such systems.

Thus, there is a need for a unique method and apparatus
for authenticating electronic messages that is capable of
controlling UBE and other forms of electronic messages that
clutter communication applications such as electronic mail.

SUMMARY OF THE INVENTION 

An apparatus and method for an authenticated electronic
userid is provided. According to one embodiment, an electronic
message system generates an authenticated electronic
userid for a local user that comprises an adapted digital
signature. The adapted digital signature, with other
identifiers, provides temporary or restricted electronic message
privileges to a remote user.

According to one embodiment, the adapted digital signature
grants privileges to a particular remote user for access
to a single local user on the message system. However,
according to another embodiment, the adapted digital signature
grants privileges to a number of remote users from a
particular host for access to one or more local users on the
message system.

In one embodiment, a process for creating an authenticated
electronic userid comprises the acts of generating an
adapted digital signature based on an originator key and a
portion of a remote userid, and concatenating the adapted
digital signature with originator information to form the
authenticated electronic userid.

In another embodiment, a process for authenticating an
adapted digital signature comprises the acts of extracting a
local userid and remote user information from an incoming
electronic message; comparing the local userid to a list of
local users; verifying the adapted digital signature is valid;
and then granting access to an electronic service if the
adapted digital signature is valid.

As a result of the techniques described herein, UBE and
other forms of unsolicited or undesired electronic messages
are filtered in a more controlled manner than prior methods,
and a local user will not need to remove UBE messages from
their messaging application.

BRIEF DESCRIPTION OF THE DRAWINGS 
The present invention is illustrated by way of example,
and not by way of limitation, in the figures of the accompanying
drawings in which like reference numerals refer to
similar elements and in which:




US 6,356,935 B1



FIG. 1 is a diagram illustrating one embodiment of an 
electronic messaging system employing an authenticated 
message server; 

FIG. 2 is a functional diagram illustrating one embodiment
of an authenticated message server and an authenticated
electronic userid;

FIG. 3 is a flowchart depicting the steps of generating an
authenticated electronic userid; and

FIG. 4 is a flowchart depicting the steps of verifying an
authenticated electronic userid.



FIG. 1 depicts an electronic messaging 
according to one embodiment of the prese 
System 100 includes a server 108, coupled to a terminal unit 
or personal computer 104, a router 112, and an authenticated 
message server 116. The interconnection or coupling mechanism
between the various devices is preferably a fiber optic
network cable, but it can also be a twisted pair, or a wireless
interconnection. According to one embodiment, server 108
is a Sun Microsystems SPARC™ system running electronic
message software such as Oracle Corporation's Interoffice™
messaging server. Router 112 is a commercially
available internet router such as a Cisco Systems 7500 

Authenticated message server 116 can run on a standard
personal computer, such as an Intel Pentium™ based microprocessor
system. However, authenticated message server
116 is alternatively part of the software component stack
added to server 108. In such an embodiment, an application
programming interface ("API") for the messaging server
108 is added which provides access to the authenticated
message server services, specifically, the methods and techniques
for generating and verifying authenticated electronic
userids as described herein. In the broader spirit of the 

incoming and outgoing messages are handled by separate 
servers or computer systems on an interconnected network
(e.g. a LAN). 

From the server 108, outgoing electronic messages to 
remote users are typically passed through an internet gateway
router, such as router 112. Router 112 is preferably
connected to the internet 120 via a T1 pipeline, or other
leased line. Conversely, messages from the internet 120 to a 
particular local user associated with the server 108 will be 
passed through router 112. 

A remote user typically resides on a personal computer, 
such as laptop 132, which is also connected to a server 128.
Server 128 is configured similar to server 108, but it can also 
be a different type of server, such as a Digital Equipment 
Corporation VAX/VMS™ system. The server 128 is likely 
to run a different messaging system, such as the University 
of Washington PINE™ messaging system. Similar to router
112, router 124 is connected to server 128 and the internet 
120. 

In one embodiment, electronic message system 100 further
comprises a wireless short message service ("SMS")
system. An e-mail to SMS gateway receives an e-mail
message (preferably an authenticated message) from router
112 or authenticated message server 116. The gateway
converts the e-mail into one or multiple short messages,
typically of 160 characters in length, and forwards the short
messages to an SMS center. In turn, the SMS center forwards
the message over a wireless link (e.g., a wireless local
loop) to a local user (e.g., here, the receiving device can be
a pager or a cellular telephone). A wireless short message
service system is available from Omnipoint Corporation.

FIG. 2 depicts a functional overview of an authenticated 
message server 200. According to one embodiment, the 
authenticated message server 200 comprises a digital sig- 
nature engine 218 and an adaptation algorithm 220. 

According to a presently preferred embodiment, a local 
user "roger", who is using an electronic message system, 
such as one running on server 108 (identified by the host or 
domain name "domain.com"), composes and requests to 
send a message to a remote user identified as 
"jenny@mailer.com". When local user "roger" requests to 
send the message to remote user "jenny@mailer.com", part
of the message, in particular the remote userid 208 and the
originator userid 204, is passed to a digital signature engine
218 for processing. Digital signature engine 218 can also
store the local user's (e.g. "roger") private key, depicted in
FIG. 2 as originator key 212. Alternatively, the local user's 
originator key 212 can be sent in addition to or separate from 
the request by the messaging system residing on server 108. 
Preferably, originator key 212 is a 250 bit value. 

Remote userid 208, originator userid 204 and originator 
key 212 are passed to one-way hash function 216 in digital 
signature engine 218. In the present case, remote userid 208 
is the value "jenny@mailer.com", originator userid 204 is
the value "roger" and originator key 212 is the (partial)
originator key for local user "roger", which has a value of
"3CF0 40A9 . . . 06E0 0801₁₆". One-way hash function 216
performs a computational algorithm on inputs 204, 208 and
212 to generate a fixed-length array of bits called a hash value,
but referred to herein as a "digital signature" 219.

Preferably, the one-way hash function 216 is the Message
Digest 5 ("MD5") function. The MD5 function is described
in RFC 1321, entitled "The MD5 Message-Digest
Algorithm", by R. Rivest and written in 1992, which is
incorporated herein by reference. However, in other
embodiments, the computation algorithm is an encryption
algorithm that produces a variable length digital signature.

An example of an encryption algorithm that will work in 
the present invention is the data encryption algorithm
defined in ANSI document X3.92-1981 (R1987) entitled 
"Data Encryption Algorithm", which is incorporated herein 
by reference. Using a data encryption algorithm, the same 
inputs as were used to produce the hash value are instead 
encrypted with an authenticated message server public key 
or a local user's public key. Note that when such an 
authenticated electronic userid is returned, it can either be 
decoded with an authenticated message server private key or 
a local user's private key, or it can be recomputed using the 
authenticated message server public key or local user's 
public key. 

Once the digital signature 219 is computed, the digital 
signature 219 is passed on to adaptation algorithm 220. 
Adaptation algorithm 220 transforms, or maps the digital 
signature 219 to an acceptable form for transmission in a 
return e-mail address. Preferably, a base64 conversion is 
performed by adaptation algorithm 220, whereby the con- 
terminous 6 bit strings of the digital signature are mapped to 
ASCII characters as follows: 



000000-011001
011010-110011 
110100-111101 

In one embodiment, the output of the adaptation algo-
rithm 220 is an adapted digital signature 228. However, in 
another embodiment the functionality of the adaptation 
algorithm 220 is performed by logic circuitry, or it is 
embedded into the particular computational function (e.g., 
one-way hash function 216) directly. In still another 
embodiment, the digital signature 219 does not need to be 
transformed with a base64 conversion; rather, the messaging 
system 100 supports binary and other digital formats. 
However, transforming the digital signature 219 into an
adapted digital signature 228 in the form of ASCII characters
is preferred, since most legacy systems (e.g., internet
e-mail) will generally support the character set. Additionally,
the character set is easily replicated on a variety of input 
devices (e.g., computer keyboards, telephones, etc.) on 
which the authenticated electronic userid 250 can be typed. 

The adapted digital signature 228 will become part of an
authenticated electronic userid 250 for the outbound message
to the remote user "jenny@mailer.com". Identifiers
224, 228 and 232, together with the other symbols (e.g., a
period, an underscore, a hyphen, an ampersand, etc.) are
concatenated to form authenticated electronic userid 250.
For example, the return address of local user "roger" would
appear similar to the address
"roger.SrTwIFa9/Da4qwP@domain.com". The authenticated electronic
userid 250 will be the return/reply address to local user "roger".

Assuming authorization is otherwise not granted to 
remote user "jenny@mailer.com", then the only way remote 
user "jenny@mailer.com" can send an electronic message to 
local user "roger" is with a message addressed to the 
authenticated electronic userid 250. Since local user "roger" 
controls whether remote user "jenny@mailer.com" will 
receive an authenticated electronic userid 250 with which to
send him an electronic message, unsolicited electronic messages
and/or unsolicited bulk e-mail from remote user
"jenny@mailer.com" should not occur.

Turning now to FIG. 3, it depicts a flowchart of the 
process of generating an authenticated electronic userid 250. 
In step 304, a request for an authenticated electronic userid 
250 is received by the authenticated message server 116. 
According to one embodiment, an outbound message, which 
comprises the request, is separated in step 308 and data from 
the "to:", "from:" fields is extracted. Additionally, the originator
key 212 is also separated, if it is included with the
message, or it can be stored and retrieved from a table which
is part of the authenticated message server 116. 

According to one embodiment, the outbound message
also comprises a pre-processing security level field that identifies
the level of security the message is to receive. For
example, a "0" security level indicates no authenticated
electronic userid is required for the message, whereas a "1"
indicates that the authenticated electronic userid is good for
any person at the host or domain name of the remote user or
message recipient. A "2" indicates that the authenticated
electronic userid is good only for the remote user or message
recipient, and a "3" indicates that the electronic userid is
good only for a preset period of time (e.g., 24 hours) for a
particular remote user. In one embodiment of an authenticated
electronic userid, the value in the security level field
is retained as a portion of the adapted digital signature 228.
Various levels and techniques for identifying the security
level of the authenticated electronic userid can be used.
Furthermore, if a transferable one-time electronic userid is
desired, then the methods and techniques described in issued
U.S. Pat. No. 6,085,321, filed on the same day herewith and
incorporated herein by reference in its entirety, can be
consulted.

Data extracted in the separating step 308, together with
the originator key 212 are hashed by the one-way hash
function 216 in step 312, preferably using an MD5 hash
function, to generate the digital signature 219. After step
312, the digital signature 219 is converted at step 316 using
a base64 conversion algorithm. The output of the base64
conversion algorithm is the adapted digital signature 228.
The adapted digital signature 228 will, in part, grant the
remote user "jenny@mailer.com" privilege to reply or send
a message to local user "roger".

In step 320, the output of the adaptation algorithm 220,
that is, adapted digital signature 228, the originator identifier
224 and the originator's host or domain name 232 are
concatenated as a single authenticated electronic userid (e.g.
userid 250). According to one embodiment, the result is
stored in an authentication log file that can be indexed and/or
searched for matching strings and/or authorization levels in
the future. The advantage of such a system is that the
authenticated message server 116 can track and record
incoming and outgoing messages and privileges so that
security breaches can be tracked and examined by an
administrator.

In step 328, the authenticated electronic userid 250 is
returned to the message server (e.g. server 108). According
to one embodiment the process is repeated for the remote
user specified in the "cc:" field. When the message server
(e.g. 108) spools out messages to the other remote users, the
"from:" field will now contain a unique authenticated electronic
userid for each of the other users as well. However, in
another embodiment the identity of other remote users
identified in the "to:" and "cc:" fields are recorded in an
authentication log file so they can be matched with the
appropriate inputs used when the authenticated electronic
userid 250 was created.

In another embodiment, the authenticated message server
116 supports explicit requests for an authenticated electronic
userid 250 without the need for sending a message through
the message server (e.g. server 108). Such a system can be
employed where a local user specifically requests an authenticated
electronic userid 250 or desires to give such a userid
to a remote user, organization or internet application (e.g., a
distribution list). Instead of spooling out a message with the
authenticated electronic userid 250, the authenticated message
server 116 will return the authenticated electronic
userid 250 directly to the local user.

FIG. 4 is a flowchart depicting the steps for verifying an
authenticated electronic userid 250 based on a message from
a remote user. In step 404, an inbound message is passed
from router 112 (FIG. 1) to server 108 and is then received
by authenticated message server 116. In step 408, header
information, also known as envelope information, is separated
from the inbound message, and in particular the remote
user's domain name, the remote userid and the authenticated
electronic userid 250 are extracted. Referring to FIG. 2, the
left side of inbound authenticated electronic userid 250,
specifically originator identifier 224 (e.g., "roger"), is tested
in step 412 to confirm that the user is a valid local user on
the messaging system 100. If the originator identifier 224
does not identify a valid local user, then the authenticated
message server 116 processing continues to step 436, which
is explained in further detail below. If the identifier 224
contains a valid local user, then the process continues to step
416.

In step 416, the authenticated message server 116 performs
a lookup on the originator key (e.g., key 212) related
to the local user "roger". Next, in step 420, a hash (or
alternatively a data encryption algorithm) is performed on
the local user's originator key 212, in combination with the
remote user name (e.g., "jenny@mailer.com") 208 by the
digital signature engine 218. In step 424, the digital signature
219 returned by the digital signature engine 218, at step
420, is converted to ASCII characters by adaptation algorithm
220. The result of the conversion (the adapted digital
signature 228) is compared with the adapted digital signature
228 (that is, the portion of the authenticated electronic
userid 250 between the "." (period) and the "@" (at symbol))
in step 428. If a match is confirmed, then the authenticated
message server 116 continues to step 432, where the inbound
message is accepted and passed on to the message server
108. From here, the process terminates, since the local user
"roger" can retrieve the message from the message server
108.

However, if a match is not made in step 428, or if the local
user does not exist (step 412), then the message is rejected
at step 436. According to one embodiment, the remote
sender is notified of the rejection and the process ends.
However, if tracking is desired, then information about the
inbound message (i.e., remote userid, remote host, date,
time, etc.) is recorded in a failure log file for examination by
a system administrator at a later time.
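
The FIG. 3 generation steps and FIG. 4 verification steps, as an added
Python example that is not part of the patent text. The field order, the
NUL separators, the 14-character truncation, the level-digit prefix, the
sample key and the HMAC-SHA-256 variant (hardened=True) are assumptions made
here; hardened=False follows the MD5 hash and base64 conversion the
description prefers.

```python
import base64
import hashlib
import hmac

# Constructed sample data: the key is made up; the names are the patent's examples.
ORIGINATOR_KEYS = {"roger": bytes.fromhex("00112233445566778899aabbccddeeff")}
LOCAL_DOMAIN = "domain.com"
SIG_CHARS = 14  # assumed truncation length of the adapted digital signature


def _signed_portion(remote: str, level: int) -> str:
    """Level 2 binds the full remote userid; level 1 binds only its host."""
    remote = remote.strip().lower()  # assumption: addresses compared case-insensitively
    return remote.rpartition("@")[2] if level == 1 else remote


def _adapted_signature(key: bytes, originator: str, remote: str,
                       level: int, hardened: bool) -> str:
    # Assumed input encoding: NUL-separated fields. The security level is part
    # of the hashed input, so editing the level digit in the address breaks the match.
    fields = (str(level), originator, _signed_portion(remote, level))
    msg = b"\0".join(f.encode() for f in fields)
    if hardened:
        # Keyed MAC and URL-safe alphabet (no "/" or "+" in the local part).
        digest = hmac.new(key, msg, hashlib.sha256).digest()
        text = base64.urlsafe_b64encode(digest).decode()
    else:
        # As described: one-way hash (MD5) over the inputs plus the originator key,
        # then a base64 conversion.
        digest = hashlib.md5(msg + b"\0" + key).digest()
        text = base64.b64encode(digest).decode()
    return str(level) + text.rstrip("=")[:SIG_CHARS]


def make_userid(originator: str, remote: str, level: int = 2,
                hardened: bool = True) -> str:
    """Steps 308-328: hash, adapt, concatenate, return the reply address."""
    key = ORIGINATOR_KEYS[originator]
    sig = _adapted_signature(key, originator, remote, level, hardened)
    return f"{originator}.{sig}@{LOCAL_DOMAIN}"


def verify(rcpt_to: str, mail_from: str, hardened: bool = True):
    """Steps 408-436: returns (accepted, reason) for an inbound message."""
    local, _, domain = rcpt_to.rpartition("@")
    # Neither base64 alphabet contains ".", so the last "." separates the
    # originator identifier from the adapted signature.
    originator, dot, presented = local.rpartition(".")
    if domain.lower() != LOCAL_DOMAIN or not dot:
        return False, "malformed"
    key = ORIGINATOR_KEYS.get(originator)           # steps 412 and 416
    if key is None:
        return False, "unknown local user"          # step 436
    if presented[:1] not in ("1", "2"):
        return False, "bad level"
    level = int(presented[0])
    expected = _adapted_signature(key, originator, mail_from, level, hardened)
    # Step 428, using a constant-time comparison.
    if not hmac.compare_digest(expected.encode(), presented.encode()):
        return False, "signature mismatch"          # step 436
    return True, "accepted"                         # step 432


if __name__ == "__main__":
    addr = make_userid("roger", "jenny@mailer.com")
    print(addr, verify(addr, "jenny@mailer.com"), verify(addr, "bulk@sender.example"))
```

The comparison is only as strong as the remote userid taken from the
envelope, which the background section notes a sender can spoof.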

According to one embodiment, the steps for generating
and verifying an authenticated electronic userid 250 are
performed by a computer program functioning as a stand-alone
server 116, or in an add-on software component in
message server 108. In one embodiment, the instructions for
performing the methods and techniques described herein
(the computer program) are stored on a computer readable
medium, such as an electromagnetic storage device (e.g., a
floppy disk, a magnetic tape, a hard-disk drive, or other
persistent memory device), or an optical data storage
medium (e.g., a CD-ROM). Generally, prior to execution of
the sequences of instructions, the sequences of instructions
are copied from a non-volatile computer readable medium
(e.g., the hard-disk drive) to a volatile source (e.g., random
access memory) and are executed from the volatile computer
readable medium. For purposes of explanation the methods
and techniques described herein are performed by an authenticated
message server. Where the actual functionality is
performed, that is on which piece of hardware, is not
important for purposes of this description. For example,
server 108 can be configured to perform the functionality of
both a message server and an authenticated message server.

In the foregoing specification, the invention has been
described with reference to specific embodiments thereof. It
will be evident, however, that various modifications and
changes can be made thereto without departing from the
broader spirit and scope of the invention. For example,
larger or smaller originator keys (e.g., 48 or 128 bit originator
keys) can be used. Further, the adapted digital signature
can be truncated in order to not exceed the boundaries
of the address field in an electronic message. Further still the
authenticated message server functionality can be incorporated
into the message server (e.g. server 108) rather than in
a stand-alone device. In still another embodiment, part of the
authenticated message server functionality (e.g., generating
an authenticated electronic userid) can be performed in a
client application running on the local user's computer,
rather than passing the function on to the message server or
authenticated message server. In one embodiment, the
authenticated electronic userid is created by a smartcard
coupled to the local user's computer, or a smartcard connected
to a user's wireless telephone. The specification and
drawings are, accordingly, to be regarded in an illustrative,
rather than a restrictive sense.
What is claimed is: 

1. A method for verifying an authenticated electronic 
userid comprising: 

receiving an electronic message from a remote user;

extracting an originator identifier, a first adapted digital
signature, and at least a portion of a remote userid from
said electronic message;

retrieving an originator key based on said originator
identifier, said originator key not being shared with said

generating a second adapted digital signature after receiv- 
ing said electronic message, said second adapted digital 
signature based on at least said portion of said remote 
userid and said originator key; 

comparing said first adapted digital signature to said 
second adapted digital signature; 

accepting said electronic message from said remote user 
if said first adapted digital signature and said second 
adapted digital signature match; and 

rejecting said electronic message from said remote user if 
said first adapted digital signature and said second 
adapted digital signature do not match. 

2. The method of claim 1, wherein said act of generating 
said second adapted digital signature comprises: 

hashing said originator key and said portion of said 
remote userid with one or more other identifiers to form 
a digital signature; and 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in
said second digital format being said second adapted 
digital signature. 

3. The method of claim 1, wherein said act of generating 
said second adapted digital signature comprises: 

performing an encryption function using said originator 
key and said portion of said remote userid with one or 
more other identifiers to form a digital signature; and 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in
said second digital format being said second adapted 
digital signature. 

4. The method of claim 2, further comprising:

comparing said originator identifier to a list of local users;
and

rejecting said electronic message if said originator
identifier is not found in said list of local users.

5. A method for creating an authenticated electronic
userid comprising:

receiving a request for said authenticated electronic userid;

retrieving an originator key, said originator key corre- 
sponding to a local userid; 

hashing said originator key, said local userid, and at least 
a portion of a remote userid to form a digital signature; 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being an adapted digital 
signature; 

concatenating said adapted digital signature with at least
an originator identifier; and

returning a result of said act of concatenating as said
authenticated electronic userid.

6. An electronic message system comprising:

a computer configured to run an electronic message server
application;

a router coupled to said computer, said router configured
to forward a first electronic message from a local user,
said first electronic message comprising a first authenticated
electronic userid, and said router further configured
to receive a second electronic message from a
remote user, said second electronic message comprising
a second authenticated electronic userid; and

a computer program stored in a memory device coupled
to said computer, said computer program configured to
cause said computer to generate said first authenticated
electronic userid for said first electronic message, said
first electronic userid having an adapted digital signature
and an originator identifier, and said computer
program further configured to cause said computer to
reject said second electronic message if said computer
cannot re-generate said adapted digital signature from
an originator identifier, a non-shared originator key,
and at least a portion of a remote userid, which is
contained in envelope information associated with said
second electronic message and match said re-generated
adapted digital signature with a portion of said second
authenticated electronic userid.

7. The electronic message system of claim 6, wherein said 
computer program is further configured to generate said 
adapted digital signature by: 

hashing said originator key, at least a portion of said
remote userid, and an originator identifier to form a
digital signature; and

converting said digital signature from a first digital format
into a second digital format, said digital signature in
said second digital format being said adapted digital
signature.

8. The electronic message system of claim 7, wherein said 
computer program is further configured to: 

extract said originator identifier from said envelope information
associated with said second electronic message;

compare said originator identifier to a list of local users;

reject said second electronic message if said originator
identifier does not match a local userid in said list of
local users.

9. An authenticated message server configured to create 
and verify an authenticated electronic userid, 

wherein creating said authenticated electronic userid 
comprises: 

receiving a request for said authenticated electronic

retrieving an originator key, said originator key corre- 
sponding to a local userid; 

generating a first adapted digital signature, said first
adapted digital signature based on said originator key
and at least a portion of a remote userid;

concatenating said first adapted digital signature with at
least an originator identifier; and

returning a result of said step of concatenating as said
authenticated electronic userid; and

wherein verifying said authenticated electronic userid



receiving an electronic message from a remote user, 
said electronic message comprising said authenti- 
cated electronic userid; 

extracting said originator identifier, said first adapted 
digital signature, and at least said portion of said 
remote userid from said authenticated electronic 
userid; 

retrieving said originator key based on said originator 
identifier; 

generating a second adapted digital signature, said 
second adapted digital signature based on at least 
originator key and at least said portion of said remote 

comparing said first adapted digital signature to said 
second adapted digital signature; 

accepting said electronic message from said remote 
user if said first adapted digital signature and said 
second adapted digital signature match; and 

rejecting said electronic message from said remote user 
if said first adapted digital signature and said second 
adapted digital signature do not match. 

10. The authenticated message server of claim 9, wherein 
said acts of generating said first adapted digital signature and 
said second adapted digital signature comprise: 

hashing said originator key, said portion of said remote 
userid, and one or more other identifiers to form a 
digital signature; and 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being said adapted digital 
signature. 
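
A sketch of the create-and-verify flow of claims 9 and 10, added here as an illustration and not taken from the patent. HMAC-SHA-256, base32, the 16-character truncation, the `+` separator, the envelope sender as the remote userid, and all names and sample values are assumptions; the claims name no algorithm or address layout.

```python
import base64
import hashlib
import hmac

# Constructed sample key store: originator identifier -> originator key.
# The key stays on the server and is never shared with the remote user.
ORIGINATOR_KEYS = {"alice": b"constructed-demo-key-for-alice"}
SIG_CHARS = 16  # assumed truncation: 16 base32 chars = 80 bits of the digest


def adapted_signature(key: bytes, originator: str, remote_userid: str) -> str:
    """Keyed hash over originator id and remote userid, re-encoded as text."""
    # HMAC rather than hash(key || data): avoids length-extension forgeries.
    # The NUL separator keeps ("ab", "c") and ("a", "bc") from colliding.
    data = originator.lower().encode() + b"\x00" + remote_userid.lower().encode()
    digest = hmac.new(key, data, hashlib.sha256).digest()  # first format: raw bytes
    # Second format: lowercase base32, safe inside an address local part.
    return base64.b32encode(digest).decode("ascii").lower()[:SIG_CHARS]


def create_userid(originator: str, remote_userid: str, domain: str) -> str:
    """Create: retrieve key, sign, concatenate signature with originator id."""
    key = ORIGINATOR_KEYS[originator.lower()]
    sig = adapted_signature(key, originator, remote_userid)
    return f"{originator.lower()}+{sig}@{domain}"


def verify_userid(recipient: str, envelope_sender: str) -> bool:
    """Verify: extract, look up key, regenerate signature, compare."""
    local_part = recipient.rsplit("@", 1)[0]
    originator, sep, presented = local_part.partition("+")
    key = ORIGINATOR_KEYS.get(originator.lower())
    if not sep or key is None:  # untagged address or unknown local user
        return False
    expected = adapted_signature(key, originator, envelope_sender)
    # Constant-time comparison so response timing does not leak the signature.
    return hmac.compare_digest(expected.encode(), presented.lower().encode())
```
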

11. The authenticated message server of claim 9, wherein 
said acts of generating said first adapted digital signature and 
said second adapted digital signature comprise: 

performing an encryption function using said originator 
key, said portion of said remote userid, and one or more 
other identifiers to form a digital signature; and 

into a second digital format, said digital signature in 
said second digital format being said adapted digital 
signature. 

12. The authenticated message server of claim 10, 
wherein said one or more other identifiers include local user 
information. 

13. The authenticated message server of claim 11, 
wherein said one or more other identifiers include local user 
information. 

14. The authenticated message server of claim 9, wherein 
said act of verifying said authenticated electronic userid 
further comprises: 

extracting said originator identifier from said envelope 
information associated with said electronic message; 

comparing said originator identifier to a list of local users; 

rejecting said electronic message if said originator iden- 
tifier does not match a particular local userid in said list 
of local users. 

15. A method for filtering junk electronic mail, compris- 
ing: 

receiving an electronic message from a remote user; 

generating an adapted digital signature based on an origi- 
nator identifier and remote user information from said 
electronic message and an originator key, said act of 
generating comprising: 

hashing a local userid associated with said originator 
identifier, said remote user information, and said 
originator key to form a digital signature; 

transforming said digital signature from a first digital 
format to a second digital format; and 

returning said digital signature in said second digital 
format as said adapted digital signature; 

comparing said adapted digital signature to a portion of 
said electronic message; 

accepting said electronic message if said adapted digital 
signature and said portion of said electronic message 
match; and 

rejecting said electronic message if said adapted digital 
signature and said portion of said electronic message do 

16. The method of claim 15, wherein said electronic 
message is a reply to a first electronic message sent from a 
local userid, said first electronic message comprising said 
originator identifier, and wherein said portion of said elec- 
tronic message compared to said adapted digital signature 
being generated by acts associated with said local userid. 

17. The method of claim 16, wherein said acts associated 
with said local userid comprise: 

hashing said local userid, said remote user information, 
and said originator key to form a first digital signature; 

transforming said first digital signature from said first 
digital format to said second digital format; and 

returning said first digital signature in said second digital 
format as said portion of said electronic message. 

18. A computer-readable medium having stored therein 
one or more sequences of instructions for causing at least 
one processor to perform a method for verifying an authen- 
ticated electronic userid, the method comprising: 

receiving an electronic message from a remote user; 

extracting an originator identifier, a first adapted digital 
signature, and at least a portion of a remote userid from 
said electronic message; 

retrieving an originator key based on said originator 
identifier, said originator key not being shared with said 

generating a second adapted digital signature after receiv- 
ing said electronic message, said second adapted digital 
signature based on at least said portion of said remote 
userid and said originator key; 

comparing said first adapted digital signature to said 
second adapted digital signature; 

accepting said electronic message from said remote user 
if said first adapted digital signature and said second 
adapted digital signature match; and 

rejecting said electronic message from said remote user if 
said first adapted digital signature and said second 
adapted digital signature do not match. 

19. The computer-readable medium of claim 18, wherein 
said act of generating said second adapted digital signature 
comprises: 

hashing said originator key and said portion of said 
remote userid with one or more other identifiers to form 
a digital signature; and 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being said second adapted 
digital signature. 

20. The computer-readable medium of claim 18, wherein 
said act of generating said second adapted digital signature 
comprises: 

performing an encryption function using said originator 
key and said portion of said remote userid with one or 
more other identifiers to form a digital signature; and 
converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being said second adapted 
digital signature. 

21. The computer-readable medium of claim 19, further 
comprising: 

comparing said originator identifier to a list of local users; 

rejecting said electronic message if said originator 
identifier is not found in said list of local users. 

22. A computer-readable medium having stored therein one 
or more sequences of instructions for causing at least one 
processor to perform a method for creating an authenticated 
electronic userid, the method comprising: 

receiving a request for said authenticated electronic userid; 

retrieving an originator key, said originator key corre- 
sponding to a local userid; 

hashing said originator key, said local userid, and at least 
a portion of a remote userid to form a digital signature; 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being an adapted digital 
signature; 

concatenating said adapted digital signature with at least 
an originator identifier; and 
returning a result of said act of concatenating as said 
authenticated electronic userid. 

23. A computer-readable medium having stored therein 
one or more sequences of instructions for causing an authen- 
ticated message server to create and verify an authenticated 
electronic userid, 

wherein creating said authenticated electronic userid 
comprises computer-implemented instructions for: 
receiving a request for said authenticated electronic 

retrieving an originator key, said originator key corre- 
sponding to a local userid; 

generating a first adapted digital signature, said first 
adapted digital signature based on said originator key 
and at least a portion of a remote userid; 

concatenating said first adapted digital signature with at 
least an originator identifier; and 

returning a result of said step of concatenating as said 
authenticated electronic userid; and 

wherein verifying said authenticated electronic userid 
comprises computer-implemented instructions for: 
receiving an electronic message from a remote user, said 
electronic message comprising said authenticated 
electronic userid; 

extracting said originator identifier, said first adapted 
digital signature, and at least said portion of said 
remote userid from said authenticated electronic userid; 

retrieving said originator key based on said originator 
identifier; 

generating a second adapted digital signature, said 
second adapted digital signature based on at least 
originator key and at least said portion of said remote 
userid; 

comparing said first adapted digital signature to said 
second adapted digital signature; 

accepting said electronic message from said remote 
user if said first adapted digital signature match; and 

rejecting said electronic message from said remote user 
if said first adapted digital signature and said second 
adapted digital signature do not match. 

24. The computer-readable medium of claim 23, wherein 
said acts of generating said first adapted digital signature and 
said second adapted digital signature comprise: 

hashing said originator key, said portion of said remote 
userid, and one or more other identifiers to form a 
digital signature; and 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being said adapted digital 
signature. 

25. The computer-readable medium of claim 23, wherein 
said acts of generating said first adapted digital signature and 
said second adapted digital signature comprise: 

performing an encryption function using said originator 
key, said portion of said remote userid, and one or more 
other identifiers to form a digital signature; and 

converting said digital signature from a first digital format 
into a second digital format, said digital signature in 
said second digital format being said adapted digital 
signature. 

26. The computer-readable medium of claim 24, wherein 
said one or more other identifiers include local user infor- 

27. The computer-readable medium of claim 25, wherein 
said one or more other identifiers include local user infor- 

28. The computer-readable medium of claim 23, wherein 
said act of verifying said authenticated electronic userid 
further comprises: 

extracting said originator identifier from said envelope 
information associated with said electronic message; 

comparing said originator identifier to a list of local users; 

rejecting said electronic message if said originator iden- 
tifier does not match a particular local userid in said list 
of local users. 

29. A computer-readable medium having stored therein one 
or more sequences of instructions for causing at least one 
processor to perform a method for filtering junk electronic 
mail, the method comprising: 

receiving an electronic message from a remote user; 

generating an adapted digital signature based on an origi- 
nator identifier and remote user information from said 
electronic message and an originator key, said act of 
generating comprising: 

hashing a local userid associated with said originator 
identifier, said remote user information, and said 
originator key to form a digital signature; 

transforming said digital signature from a first digital 
format to a second digital format; and 

returning said digital signature in said second digital 
format as said adapted digital signature; 

comparing said adapted digital signature to a portion of 
said electronic message; 

accepting said electronic message if said adapted digital 
signature and said portion of said electronic message 
match; and 

rejecting said electronic message if said adapted digital 
signature and said portion of said electronic message do 

30. The computer-readable medium of claim 29, wherein 
said electronic message is a reply to a first electronic 
message sent from a local userid, said first electronic mes- 
sage comprising said originator identifier, and wherein said 
portion of said electronic message compared to said adapted 
digital signature being generated by acts associated with said 
local userid. 

31. The computer-readable medium of claim 30, wherein 
said acts associated with said local userid comprise: 

hashing said local userid, said remote user information, 
and said originator key to form a first digital signature; 

transforming said first digital signature from said first 
digital format to said second digital format; and 

returning said first digital signature in said second digital 
format as said portion of said electronic message. 